SEC201: Computing & Technology Essentials New

In order to pursue technical security studies, spanning any of the major disciplines, it is crucial that students have a solid grasp of technology and computing fundamentals.

SEC201 provides students that have no or minimal prior knowledge, or those in need of a refresher, with an understanding of the architecture of modern computers and topics spanning how a CPU works, the addressing of memory and the hardware relationship with operating systems. SEC201 includes an introduction to both Windows and Linux, providing students with plenty of hands-on exercises to build their familiarity with the command line and move their knowledge beyond being a power user to actually understanding the underlying facets of a modern OS.

SEC201 teaches logic, programming and scripting and introduces how each of these can lead to errors that allow security experts or cyber criminals to find faults and exploit them.

SEC201 provides the perfect balance of hands-on labs and theory in order to ensure that students can study security effectively and put their hands on the keyboard, rather than just understanding theory.

Course Syllabus

SEC201.1: Computing Fundamentals

Overview

Day One starts from the basics covering the components of a computer, operating systems, bits & bytes, virtualization, networking, the OSI model, counting in alternate number bases (decimal, binary, hexadecimal), encoding and encryption.

CPE/CMU Credits: 6

SEC201.2: Linux Fundamentals

Overview

Day Two starts with an introduction to Linux and its importance to the industry. Then it progresses through labs on installing Linux to using the command line. A series of mini-labs for each important command will familiarize students with the command line. Students will also learn three different ways of installing software on Linux including compiling it from source code.

CPE/CMU Credits: 6

SEC201.3: Windows Fundamentals

Overview

Day Three starts with an introduction to Windows and its common uses in the enterprise. The various different types such as Desktop and Server. Then we get into Active Directory, the course goes into detail about Domains and Domain Controllers as well as trust relationships and group policy. Windows permissions are covered, along with the registry. The day culminates in labs where the students learn how to set up networking on a Windows computer, then another lab on setting up a Domain Controller with Windows Server 2012 R2 and finally using a Group Policy Object to apply settings to a computer.

CPE/CMU Credits: 6

SEC201.4: Programming Fundamentals

Overview

Day Four starts with an introduction to programming, a comparison between high level, low level, compiled and interpreted languages. Examples of Python, C and ASM are used. The first lab leads students through setting up the environment to prepare for the series of mini-labs to follow. The rest of the day is spent with students learning about one aspect of programming followed by a mini-lab on it, before moving on to the next aspect. Each aspect will also cover the equivalent in C, however the labs will be almost exclusively in Python. Students will learn about Variables, Format Strings, Asking for Input, Parameters, Files, Functions, Logic, 'If' Statements, Arrays & Dictionaries, Loops, Modules, Classes and Object Oriented Programming. Finally, students will delve into some web-based languages such as HTML, PHP and JavaScript.

CPE/CMU Credits: 6

SEC201.5: Security Fundamentals

Overview

Day Five starts to tie together all the theory that was learned in the previous days. This book does not go into detail on every possible attacks, rather the focus is on understanding the kind of thinking that took the theory learned previously and spawned attacks from them. Students will first look at some common Web Application attacks including Cross Site Scripting, Command Injection and SQL Injection. Students will learn what the attacks are, how they work and most importantly why they work. Each attack will have a lab in which students can perform the attacks themselves. Moving on from Web Application Attacks, students will look at some common binary exploitation attacks such as buffer overflows and integer overflows. Students will learn how and why these attacks work by applying theory learned on previous days. Similarly, each of these attacks will also have a lab where students can perform the attack. This day culminates in a section on some interesting techniques that attackers have used to hide themselves on a network.

CPE/CMU Credits: 6

Additional Information

Laptop Required

A laptop is required for this course.

If you have additional questions about the laptop specifications, please contact laptop_prep@sans.org.